|
@@ -542,6 +542,7 @@ int write_protobuf_msg_to_fd(int accept_fd, google::protobuf::MessageLite& messa
|
|
|
|
|
|
uint32_t write_to_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
|
|
|
{
|
|
|
+ lseek(fd, 0, SEEK_SET);
|
|
|
ssize_t bytes_written;
|
|
|
bytes_written = write(fd, msg, *expected_msg_length);
|
|
|
if(bytes_written <= 0)
|
|
@@ -552,13 +553,14 @@ uint32_t write_to_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
|
-uint32_t read_from_fd(int fd, uint8_t* msg, uint32_t* expected_msg_length)
|
|
|
+uint32_t read_from_fd(int fd, uint8_t* msg, size_t* expected_msg_length)
|
|
|
{
|
|
|
ssize_t bytes_read;
|
|
|
lseek(fd, 0, SEEK_SET);
|
|
|
bytes_read = read(fd, msg, *expected_msg_length);
|
|
|
if(bytes_read <= 0)
|
|
|
return 0xFFFFFFFF;
|
|
|
+ *expected_msg_length = bytes_read;
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
@@ -690,34 +692,39 @@ int local_attestation_initiator(__attribute__((unused)) uint8_t* expected_mr_s
|
|
|
fflush(stdout);
|
|
|
return 0;
|
|
|
}
|
|
|
-/*
|
|
|
-uint32_t unseal_signing_key_pair_from_disk(int fd, __attribute__((unused)) sgx_ec256_public_t* pub_key, uint32_t* actual_sealed_msg_length)
|
|
|
+
|
|
|
+uint32_t unseal_signing_key_pair_from_disk(int fd, __attribute__((unused)) sgx_ec256_public_t* pub_key, size_t* actual_sealed_msg_length)
|
|
|
{
|
|
|
uint32_t ret_status;
|
|
|
uint8_t* sgx_sealed_msg;
|
|
|
- sgx_sealed_msg = (uint8_t*) malloc(*actual_sealed_msg_length);
|
|
|
+ printf("expected read 0x%ld\n", *actual_sealed_msg_length);
|
|
|
+ sgx_sealed_msg = (uint8_t*) malloc(0x300); // malloc(*actual_sealed_msg_length); (0x300 for EDL)
|
|
|
ret_status = read_from_fd(fd, sgx_sealed_msg, actual_sealed_msg_length);
|
|
|
if(ret_status != 0)
|
|
|
{
|
|
|
free(sgx_sealed_msg);
|
|
|
return 0xFFFFFFFF;
|
|
|
}
|
|
|
-
|
|
|
+ printf("actual read 0x%ld and ret_status 0x%x\n", *actual_sealed_msg_length, ret_status); fflush(stdout);
|
|
|
+ size_t counter;
|
|
|
+ for(counter=0;counter<*actual_sealed_msg_length;counter++)
|
|
|
+ printf("%x ", *(sgx_sealed_msg+counter));
|
|
|
+ printf("\n"); fflush(stdout);
|
|
|
Decryptor_unseal_and_restore_sealed_signing_key_pair(e2_enclave_id, &ret_status, pub_key, sgx_sealed_msg, actual_sealed_msg_length);
|
|
|
free(sgx_sealed_msg);
|
|
|
return ret_status;
|
|
|
}
|
|
|
-*/
|
|
|
-uint32_t create_and_seal_signing_key_pair_to_disk( __attribute__((unused)) int fd, __attribute__((unused)) sgx_ec256_public_t* pub_key, __attribute__((unused)) uint32_t* actual_sealed_msg_length)
|
|
|
+
|
|
|
+uint32_t create_and_seal_signing_key_pair_to_disk( __attribute__((unused)) int fd, __attribute__((unused)) sgx_ec256_public_t* pub_key)
|
|
|
{
|
|
|
- uint32_t ret_status;
|
|
|
+ uint32_t ret_status;
|
|
|
// Generating a signing ECDSA key to sign the encryption key.
|
|
|
uint32_t length;
|
|
|
- Decryptor_calculate_sealed_data_size(e2_enclave_id, &length, SGX_ECP256_KEY_SIZE); // sgx_calc_sealed_data_size(0,3*SGX_ECP256_KEY_SIZE);
|
|
|
+ Decryptor_calculate_sealed_data_size(e2_enclave_id, &length, 3*SGX_ECP256_KEY_SIZE); // sgx_calc_sealed_data_size(0,3*SGX_ECP256_KEY_SIZE);
|
|
|
if(length == 0xFFFFFFFF)
|
|
|
return 0xFFFFFFFF;
|
|
|
- printf("0x%x input msg, 0x%x bytes for sealed msg in parameter value\n", SGX_ECP256_KEY_SIZE, length); fflush(stdout);
|
|
|
- uint8_t* sealed_data=(uint8_t*) malloc(length);
|
|
|
+ printf("0x%x input msg, 0x%x bytes for sealed msg in parameter value\n", 3*SGX_ECP256_KEY_SIZE, length); fflush(stdout);
|
|
|
+ uint8_t* sealed_data=(uint8_t*) malloc(0x300);
|
|
|
printf("Made call to sgx_calc_sealed_data_size\n"); fflush(stdout);
|
|
|
Decryptor_create_and_seal_ecdsa_signing_key_pair(e2_enclave_id, &ret_status, pub_key, &length, sealed_data);
|
|
|
if(ret_status != SGX_SUCCESS)
|
|
@@ -727,12 +734,14 @@ uint32_t create_and_seal_signing_key_pair_to_disk( __attribute__((unused)) int
|
|
|
return 0xFFFFFFFF;
|
|
|
}
|
|
|
printf("It returned sgx_success\n"); fflush(stdout); // *actual_sealed_msg_length=length;
|
|
|
-
|
|
|
+
|
|
|
ret_status = write_to_fd(fd, sealed_data, &length);
|
|
|
free(sealed_data);
|
|
|
- if(ret_status > 0)
|
|
|
- *actual_sealed_msg_length = ret_status;
|
|
|
- return 0;
|
|
|
+// if(ret_status > 0)
|
|
|
+// *actual_sealed_msg_length = ret_status;
|
|
|
+// return 0;
|
|
|
+
|
|
|
+return ret_status;
|
|
|
}
|
|
|
|
|
|
int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
|
|
@@ -743,10 +752,11 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
|
|
|
int launch_token_updated;
|
|
|
sgx_launch_token_t launch_token;
|
|
|
// uint8_t* pub_key = (uint8_t*) malloc(2*SGX_ECP256_KEY_SIZE);
|
|
|
- sgx_ec256_public_t pub_key;
|
|
|
+ sgx_ec256_public_t pub_key; uint32_t counter;
|
|
|
|
|
|
|
|
|
- uint32_t actual_sealed_msg_length;
|
|
|
+// long int actual_sealed_msg_length;
|
|
|
+ size_t sealed_msg_length_in_file;
|
|
|
status = sgx_create_enclave(Decryptor_PATH, SGX_DEBUG_FLAG, &launch_token, &launch_token_updated, &e2_enclave_id, NULL);
|
|
|
if(status != SGX_SUCCESS)
|
|
|
{
|
|
@@ -770,13 +780,23 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
|
|
|
}
|
|
|
printf("\nSuccessfully opened a file to seal the signing key pair for the client.\n");
|
|
|
fflush(stdout);
|
|
|
- int start = lseek(sealed_signing_key_fd, 0, SEEK_CUR);
|
|
|
- int end = lseek(sealed_signing_key_fd, 0, SEEK_END);
|
|
|
- if(start == end && start != -1)
|
|
|
+// int start = lseek(sealed_signing_key_fd, 0, SEEK_SET);
|
|
|
+// int end = lseek(sealed_signing_key_fd, 0, SEEK_END);
|
|
|
+ struct stat st; ret_status = fstat(sealed_signing_key_fd, &st);
|
|
|
+ //sealed_msg_length_in_file = st.st_size;
|
|
|
+ if(ret_status != 0)
|
|
|
+ {
|
|
|
+ perror("error in finding the file size. - ");
|
|
|
+ fflush(stderr);
|
|
|
+ return 0xffffffff;
|
|
|
+
|
|
|
+ }
|
|
|
+ sealed_msg_length_in_file = st.st_size;
|
|
|
+ if(sealed_msg_length_in_file == 0) //if(start == end && start != -1)
|
|
|
{
|
|
|
// TODO: file is empty. create signing key pair.
|
|
|
- start = lseek(sealed_signing_key_fd, 0, SEEK_CUR);
|
|
|
- ret_status = create_and_seal_signing_key_pair_to_disk(sealed_signing_key_fd, &pub_key, &actual_sealed_msg_length);
|
|
|
+ // int start = lseek(sealed_signing_key_fd, 0, SEEK_SET);
|
|
|
+ ret_status = create_and_seal_signing_key_pair_to_disk(sealed_signing_key_fd, &pub_key);
|
|
|
if(ret_status != 0)
|
|
|
{
|
|
|
printf("\n error in generating the ecdsa signing key pair \n");
|
|
@@ -785,13 +805,21 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
|
|
|
}
|
|
|
fflush(stdout);
|
|
|
printf("\n Generated the ecdsa key pair successfully - gx, gy\n");
|
|
|
+ for(counter=0;counter<32;counter++)
|
|
|
+ printf("0x%x ",pub_key.gx[counter]);
|
|
|
+ printf("\n");
|
|
|
+ for(counter=0;counter<32;counter++)
|
|
|
+ printf("0x%x ",pub_key.gy[counter]);
|
|
|
+ printf("\n");
|
|
|
+ fflush(stdout);
|
|
|
+
|
|
|
fflush(stdout);
|
|
|
}
|
|
|
-/* else {
|
|
|
- start = lseek(sealed_signing_key_fd, 0, SEEK_CUR);
|
|
|
- if(actual_sealed_msg_length == 0)
|
|
|
- actual_sealed_msg_length = end - start;
|
|
|
- ret_status = unseal_signing_key_pair_from_disk(sealed_signing_key_fd, &pub_key, &actual_sealed_msg_length);
|
|
|
+ else {
|
|
|
+// start = lseek(sealed_signing_key_fd, 0, SEEK_CUR);
|
|
|
+ // if(actual_sealed_msg_length == 0)
|
|
|
+ // actual_sealed_msg_length = size; // - start;
|
|
|
+ ret_status = unseal_signing_key_pair_from_disk(sealed_signing_key_fd, &pub_key, &sealed_msg_length_in_file);
|
|
|
if(ret_status != SGX_SUCCESS)
|
|
|
{
|
|
|
printf("\n error in unsealing the ecdsa signing key pair:%d \n", ret_status);
|
|
@@ -799,9 +827,15 @@ int main(__attribute__((unused)) int argc, __attribute__((unused)) char* argv[])
|
|
|
return 0xFFFFFFFF;
|
|
|
}
|
|
|
printf("\n Recovered the ecdsa key pair successfully - gx, gy\n");
|
|
|
+ for(counter=0;counter<32;counter++)
|
|
|
+ printf("0x%x ",pub_key.gx[counter]);
|
|
|
+ printf("\n");
|
|
|
+ for(counter=0;counter<32;counter++)
|
|
|
+ printf("0x%x ",pub_key.gy[counter]);
|
|
|
+ printf("\n");
|
|
|
fflush(stdout);
|
|
|
}
|
|
|
-*/
|
|
|
+ close(sealed_signing_key_fd);
|
|
|
|
|
|
// TODO: Continue with other msgs - send sign(enc | verifier mr_enclave)
|
|
|
sgx_destroy_enclave(e2_enclave_id);
|